Executive Summary
Summary | |
---|---|
Title | evolution and evolution-data-server security update |
Informations | |||
---|---|---|---|
Name | RHSA-2009:0355 | First vendor Publication | 2009-03-16 |
Vendor | RedHat | Last vendor Modification | 2009-03-16 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated evolution and evolution-data-server packages that fixes multiple security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. 2. Relevant releases/architectures: Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64 Red Hat Enterprise Linux Desktop version 4 - i386, x86_64 Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64 Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64 3. Description: Evolution is the integrated collection of e-mail, calendaring, contact management, communications, and personal information management (PIM) tools for the GNOME desktop environment. Evolution Data Server provides a unified back-end for applications which interact with contacts, task and calendar information. Evolution Data Server was originally developed as a back-end for Evolution, but is now used by multiple other applications. Evolution did not properly check the Secure/Multipurpose Internet Mail Extensions (S/MIME) signatures used for public key encryption and signing of e-mail messages. An attacker could use this flaw to spoof a signature by modifying the text of the e-mail message displayed to the user. (CVE-2009-0547) It was discovered that evolution did not properly validate NTLM (NT LAN Manager) authentication challenge packets. A malicious server using NTLM authentication could cause evolution to disclose portions of its memory or crash during user authentication. (CVE-2009-0582) Multiple integer overflow flaws which could cause heap-based buffer overflows were found in the Base64 encoding routines used by evolution and evolution-data-server. This could cause evolution, or an application using evolution-data-server, to crash, or, possibly, execute an arbitrary code when large untrusted data blocks were Base64-encoded. (CVE-2009-0587) All users of evolution and evolution-data-server are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All running instances of evolution and evolution-data-server must be restarted for the update to take effect. 4. Solution: Before applying this update, make sure that all previously-released errata relevant to your system have been applied. This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259 5. Bugs fixed (http://bugzilla.redhat.com/): 484925 - CVE-2009-0547 evolution-data-server: S/MIME signatures are considered to be valid even for modified messages (MITM) 487685 - CVE-2009-0582 evolution-data-server: insufficient checking of NTLM authentication challenge packets 488226 - CVE-2009-0587 evolution-data-server: integer overflow in base64 encoding functions |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2009-0355.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-310 | Cryptographic Issues |
33 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
33 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10081 | |||
Oval ID: | oval:org.mitre.oval:def:10081 | ||
Title: | The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount of data in a challenge packet, which allows remote mail servers to read information from the process memory of a client, or cause a denial of service (client crash), via an NTLM authentication type 2 packet with a length value that exceeds the amount of packet data. | ||
Description: | The ntlm_challenge function in the NTLM SASL authentication mechanism in camel/camel-sasl-ntlm.c in Camel in Evolution Data Server (aka evolution-data-server) 2.24.5 and earlier, and 2.25.92 and earlier 2.25.x versions, does not validate whether a certain length value is consistent with the amount of data in a challenge packet, which allows remote mail servers to read information from the process memory of a client, or cause a denial of service (client crash), via an NTLM authentication type 2 packet with a length value that exceeds the amount of packet data. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0582 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11385 | |||
Oval ID: | oval:org.mitre.oval:def:11385 | ||
Title: | Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel. | ||
Description: | Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0587 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21826 | |||
Oval ID: | oval:org.mitre.oval:def:21826 | ||
Title: | ELSA-2009:0354: evolution-data-server security update (Moderate) | ||
Description: | Multiple integer overflows in Evolution Data Server (aka evolution-data-server) before 2.24.5 allow context-dependent attackers to execute arbitrary code via a long string that is converted to a base64 representation in (1) addressbook/libebook/e-vcard.c in evc or (2) camel/camel-mime-utils.c in libcamel. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0354-01 CVE-2009-0547 CVE-2009-0582 CVE-2009-0587 | Version: | 17 |
Platform(s): | Oracle Linux 5 | Product(s): | evolution28-evolution-data-server evolution-data-server |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:28741 | |||
Oval ID: | oval:org.mitre.oval:def:28741 | ||
Title: | RHSA-2009:0354 -- evolution-data-server security update (Moderate) | ||
Description: | Updated evolution-data-server and evolution28-evolution-data-server packages that fix multiple security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Evolution Data Server provides a unified back-end for applications which interact with contacts, task, and calendar information. Evolution Data Server was originally developed as a back-end for Evolution, but is now used by multiple other applications. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0354 CVE-2009-0547 CVE-2009-0582 CVE-2009-0587 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 4 | Product(s): | evolution28-evolution-data-server evolution-data-server |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9619 | |||
Oval ID: | oval:org.mitre.oval:def:9619 | ||
Title: | Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a different vulnerability than CVE-2008-5077. | ||
Description: | Evolution 2.22.3.1 checks S/MIME signatures against a copy of the e-mail text within a signed-data blob, not the copy of the e-mail text displayed to the user, which allows remote attackers to spoof a signature by modifying the latter copy, a different vulnerability than CVE-2008-5077. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-0547 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 2 |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for evolution28-evolution-data-server CESA-2009:0354 centos4 i386 File : nvt/gb_CESA-2009_0354_evolution28-evolution-data-server_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for evolution CESA-2009:0355 centos4 i386 File : nvt/gb_CESA-2009_0355_evolution_centos4_i386.nasl |
2011-08-09 | Name : CentOS Update for evolution CESA-2009:0358 centos3 i386 File : nvt/gb_CESA-2009_0358_evolution_centos3_i386.nasl |
2009-10-13 | Name : SLES10: Security update for evolution-data-server File : nvt/sles10_evolution-data-.nasl |
2009-10-11 | Name : SLES11: Security update for Evolution File : nvt/sles11_evolution-data-.nasl |
2009-06-09 | Name : Debian Security Advisory DSA 1813-1 (evolution-data-server) File : nvt/deb_1813_1.nasl |
2009-05-25 | Name : CentOS Security Advisory CESA-2009:0354 (evolution-data-server) File : nvt/ovcesa2009_0354.nasl |
2009-05-25 | Name : CentOS Security Advisory CESA-2009:0355 (evolution-data-server) File : nvt/ovcesa2009_0355.nasl |
2009-05-20 | Name : SuSE Security Summary SUSE-SR:2009:010 File : nvt/suse_sr_2009_010.nasl |
2009-03-31 | Name : Mandrake Security Advisory MDVSA-2009:078 (evolution-data-server) File : nvt/mdksa_2009_078.nasl |
2009-03-20 | Name : RedHat Security Advisory RHSA-2009:0355 File : nvt/RHSA_2009_0355.nasl |
2009-03-20 | Name : Ubuntu USN-734-1 (ffmpeg-debian) File : nvt/ubuntu_734_1.nasl |
2009-03-20 | Name : Ubuntu USN-733-1 (evolution-data-server) File : nvt/ubuntu_733_1.nasl |
2009-03-20 | Name : CentOS Security Advisory CESA-2009:0358 (evolution) File : nvt/ovcesa2009_0358.nasl |
2009-03-20 | Name : Fedora Core 9 FEDORA-2009-2792 (evolution-data-server) File : nvt/fcore_2009_2792.nasl |
2009-03-20 | Name : Fedora Core 10 FEDORA-2009-2784 (evolution-data-server) File : nvt/fcore_2009_2784.nasl |
2009-03-20 | Name : RedHat Security Advisory RHSA-2009:0358 File : nvt/RHSA_2009_0358.nasl |
2009-03-20 | Name : RedHat Security Advisory RHSA-2009:0354 File : nvt/RHSA_2009_0354.nasl |
2009-03-18 | Name : Evolution Data Server Multiple Integer Overflow Vulnerabilities File : nvt/gb_evolution_data_server_mult_int_overflow_vuln.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
52703 | Evolution Data Server libcamel camel/camel-mime-utils.c Base64 String Handlin... |
52702 | Evolution Data Server evc addressbook/libebook/e-vcard.c Base64 String Handli... |
52701 | Evolution Signed-data Blob S/MIME Message Signature Verification Weakness |
52673 | Evolution Data Server Camel camel/camel-sasl-ntlm.c ntlm_challenge Function T... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0358.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0355.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0354.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090316_evolution_on_SL3_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090316_evolution_data_server_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090316_evolution_and_evolution_data_server_on_SL4_x.nasl - Type : ACT_GATHER_INFO |
2010-10-11 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_evolution-data-server-7029.nasl - Type : ACT_GATHER_INFO |
2010-05-07 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_evolution-data-server-100414.nasl - Type : ACT_GATHER_INFO |
2010-03-11 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_evolution-data-server-100208.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_evolution-data-server-6166.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_evolution-090416.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_evolution-090416.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_evolution-data-server-090416.nasl - Type : ACT_GATHER_INFO |
2009-06-09 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1813.nasl - Type : ACT_GATHER_INFO |
2009-05-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0354.nasl - Type : ACT_GATHER_INFO |
2009-05-26 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0355.nasl - Type : ACT_GATHER_INFO |
2009-04-30 | Name : The remote openSUSE host is missing a security update. File : suse_evolution-data-server-6171.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-733-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-078.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2784.nasl - Type : ACT_GATHER_INFO |
2009-03-19 | Name : The remote Fedora host is missing a security update. File : fedora_2009-2792.nasl - Type : ACT_GATHER_INFO |
2009-03-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0358.nasl - Type : ACT_GATHER_INFO |
2009-03-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0355.nasl - Type : ACT_GATHER_INFO |
2009-03-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0354.nasl - Type : ACT_GATHER_INFO |
2009-03-17 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0358.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:52:22 |
|